Frequently Asked Questions

Certificate Signing Request (CSR) is a block of encrypted data generated by the server which contains information such as organization name (company name), common name (domain name), region, and country which are required to generate certificates. It also contains a public and private key when the CSR is generated.

Creating a CSR depends on the type of web server which uses the certificates. Please refer to the instructions provided by the vendor to complete the process. If you are familiar with OpenSSL, you can use the following commands to generate a CSR and private key. openssl req -new -keyout server.key -out server.csr

You can use CSR (Certificate Signing Request) to order for an SSL certificate, but it does not require a private key. The private key must be kept secret. Certificates created with a particular CSR will only work with the private key generated by it. Please note that if you lose your private key, your certificate will not work any longer. Please refer to the explanation page for more details on how to create a CSR.

There are three types of certificates – Domain Validation (domain authentication type), Organization Validation (organization authentication type), and Extended Validation (extended verification type) certificates, and the authentication process differs accordingly. Please refer to the detailed SSL certificate guide for more details.

A domain (DV) authenticated SSL certificate is issued only after the owner verified that he/she has the right to use the established domain. Firstly, the Certificate Authority (CA) sends an email to the domain owner who is listed in the WHOIS database. After receiving a confirmation from the domain owner, a DV certificate will be issued. Each CA has to perform checks to ensure that SSL certificates are true and not fraudulent as domain certificates may resemble famous domains (eg. yah00.com, amaz0n.com, gOogle.co, etc). The DV certificate contains only the domain name and is usually issued faster than other types of certificates because the evaluation process is not as stringent and checks are minimal. While the padlock is displayed
in the browser, it will not be displayed because the company name is not verified and authenticated.

Organization Validated Certificates provide an added degree of SSL protection for your website and business through identity verification. Organization Validated certificates verify domain owners and authenticate the business organizations affiliated with the URL. OV certificates are often used by large organizations or entities which often manage and deal with sensitive and confidential information of visitors. Please check out more details by referring to the guide on SSL authentication information page.

TuringSign EV (Extended Validation) certificates have to undergo both DV and OV authentication process. Extended Validation Certificates offer the highest protection and trust available. The verification process for EV certificates is comprehensive and extensive. Additional details such as address and the name of the CEO have to be confirmed and verified for EV authentication. Please refer to the guide on SSL authentication information page for more details.

DV (domain-validation) certificates can only be issued after the owner has established proof that he/she has the right to use the domain. The certificate authority will send an email to the domain owner. After the owner replies, a DV certificate will be issued. Many certificate authorities perform additional fraud checks to issue domain certificates that might resemble high-value domains (eg micros0ft. Com, g00gle. Com, b0fay. Com, etc. ). The certificate contains only the domain name. This certificate is usually issued faster than other types of certificates because checks performed are minimal. While the padlock is displayed in the browser, it will not be displayed because the company name has not been verified by the certificate authority.

The certificate authorities should use a public database to check and confirm company names, domain names, and other essential information for OV (organization-validation) certificates. The certificate authority may also use additional methods to ensure that the information shown in the certificate is accurate. The issued certificate includes information such as company name and domain name. With these additional checks, this is the most suitable certificate recommended for E-commerce businesses to provide consumers additional information and to reassure them regarding transactions.

EV (extended-validation) certificates are issued only if the organization passes the strict authentication and validation process conducted by certificate authority. These checks are much more stringent than the procedures for OV certificates. The issued EV certificate displays a green address bar in internet browser and also shows the official organization name and address to verify that the entity is legitimate.

The SSL server certificate can be installed on different types of servers, please refer to the installation guide page after purchasing TuringSign SSL certificates.

The TuringSign SSL certificate can be canceled within 30 days of issuance. We have not issued a formal test certificate, but please check the correct operation before installing the server certificate on the website and cancel it.

The maximum validity period of SSL certificate is 397 days.

TuringSign certificate has the official “WebTrust Audit” certification, hence it offers a variety of browser compatibility. Please be assured that you can use it safely and securely in different countries on different web servers.

The verification duration varies depending on the authentication process of server certificates.
SSL certificates are normally issued immediately after verification is completed.
DV certification takes approximately less than a day, OV certification 1 – 3 days, and EV certification 1 – 5 days.
Please refer to SSL authentication information page for more information.

Presently, the maximum duration is 397 days, but we are in the midst of preparing products for multi-year plans.

EV certificates are issued only if the organization passes strict authentication procedures. These checks are conducted
more stringently than OV certificates.

EV certificates has two functions.

1. To assure internet users of the legal entity of website they are visiting. The organization is identified by name,
business address, business registration number as well as EV certificate.

2. To facilitate the exchange of encryption keys between Internet browser users and websites so as to enable
encrypted communication of information over internet. The second purpose of EV certificates is to establish the
legality of companies, and to address issues related to phishing, malware, and fraud. EV certificates help to establish
credibility of your business by providing reliable validated identity and address information regarding your organization.